The situation around the critical cPanel authentication bypass vulnerability (CVE-2026-41940) has deteriorated significantly since our initial coverage. Exploratory probing has evolved into multi-actor exploitation, leading to disrupted websites, ransomware and malware deployment, and targeted attacks. “Sorry” ransomware Attackers have taken advantage of CVE-2026-41940 to mass-exploit vulnerable internet-facing cPanel instances to breach servers, deface websites and encrypt data. The ransomware used in some of the attacks is a Go(Lang)-based Linux encryptor that encrypts files and appends … More →
The post Multiple threat actors actively exploit cPanel vulnerability (CVE-2026-41940) appeared first on Help Net Security.
http://news.poseidon-us.com/TSMZKB
